- The MAILING DATE of this communication appears on the cover sheet with the correspondence address
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION.

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1) [X] Responsive to communication(s) filed on 28 January 2002.
2a) [ ] This action is FINAL. 2b) [X] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) [X] Claim(s) 1-12 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 1, 2, 6, 7 and 9-11 is/are rejected.

7) [X] Claim(s) 3-5, 8 and 12 is/are objected to.

8) [ ] Claim(s) are subject to restriction and/or election requirement.

Application Papers 

9) [ ] The specification is objected to by the Examiner.

10) [X] The drawing(s) filed on 28 January 2002 is/are: a) [X] accepted or b) [ ] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119 

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All b) [ ] Some * c) [ ] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. .

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received.
DETAILED ACTION

1. Claims 1-12 are pending.

Claim Rejections - 35 USC § 112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

3. Claims 5 & 12 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Regarding claim 5, the limitation "said replacement identifier" has no antecedent basis. 
For the purposes of this Office Action, claim 5 is understood to depend from claim 3 rather than 
claim 2. 

Regarding claim 12, the limitation "each decoy" has no antecedent basis. For the
purposes of this Office Action, "each decoy" is understood to mean "each decoy password".

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
5. Claims 9 & 11 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Cryptography and Network Security, Principles and Practice by Stallings (June 4, 1998) in view 
of U.S. Patent 6,338,138 to Raduchel et al. (Raduchel). 

Regarding claims 9 & 11, Stallings discloses intercepting the secret authenticator/Pc
entered by the authorized user/user on C at a local computer system/C and forwarding the secret 
identifier/Pc to an authenticator broker system/Authentication Server (p. 326, (1), (2)), 
transmitting from the authenticator broker system to the local computer system a decoy 
password/Ticket in substitution of the secret authenticator of the authorized user/Pc (p. 326, (2), 
(3)), but lacks logging the authorized user onto the local computer system/C on the basis of the 
decoy password/Ticket transmitted to the local computer system from the authenticator broker
system. However, Raduchel teaches that centralizing authentication to local machines provides 
the benefit of easier control over the local computers' access and use (col. 2, lines 14-20, lines 
28-33, lines 46-51 & lines 62-64). Therefore, it would have been obvious to one having ordinary 
skill in the art at the time the invention was made to modify Stallings to use the centralized 
Kerberos service to provide authentication for the local machines also. One of ordinary skill in 
the art would have been motivated to perform such a modification to provide the benefit of easier 
control over the local computers' access and use, as taught by Raduchel (col. 2, lines 14-20, lines 
28-33, lines 46-51 & lines 62-64). 

6. Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over Stallings and 
Raduchel, as applied to claim 9 above, in further view of U.S. Patent Application Publication
2001/0029496 to Otto et al. (Otto). Stallings, as modified above, lacks storing the decoy 
password in an authenticator file in said broker system/Kerberos. However, Otto teaches that a
server can act as a cookie proxy, where cookies are stored on a proxy and given to servers
requiring authentication at the request of a client (¶47). This allows anonymous browsing (¶45-47).
Therefore, it would have been obvious to one having ordinary skill in the art at the time the
invention was made to modify Stallings to allow the Kerberos server to act as an authentication 
proxy, if requested by the user, and hence store the authentication ticket. One of ordinary skill in 
the art would have been motivated to perform such a modification to allow the user to browse 
anonymously, as taught by Otto (¶45-47).

7. Claims 1-2 are rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent 
6,000,333 to Kelley et al. (Kelley), in view of 6,338,138 to Raduchel et al. (Raduchel), in 
further view of U.S. Patent 6,263,369 to Sitaraman et al. (Sitaraman). 

Regarding claims 1-2, Kelley discloses an authenticator broker system/password program 
to intercept and redirect the identifier and secret authenticator/password (col. 6, lines 5-9) of a 
prospective user from the local computer system (col. 6, lines 5-9 & col. 7, lines 26-39), an 
authenticator broker file/password alias file (Table 1) communicating with said authenticator 
broker system/password program and having stored therein the secret authenticators/passwords 
corresponding to the personal identifiers entered by the prospective users at the local computer 
system, whereby a prospective user can gain access to a system when the authenticator entered 
by the prospective user matches the authenticator stored in said authenticator broker file/alias file 
(col. 5, line 56 - col. 6, line 4 & col. 7, lines 26-39), and a decoy authenticator file/password 
alias file (col. 5, line 56 - col. 6, line 4 & Table 1) communicating with the authenticator broker 
system to assign a decoy authenticator/real password for the secret authenticator/virtual
password entered by the prospective user at the local computer system (col. 5, line 56 - col. 6, 
line 4 & Table 1). Kelley lacks a local computer system authenticator file communicating with 
said local computer and having stored therein the secret authenticators corresponding to the 
personal identifiers entered by prospective users, and lacks gaining access to the local computer 
system when the entered authenticator matches the authenticator entered at the local computer. 
However, Raduchel teaches that centralizing authentication to local machines provides the 
benefit of easier control over the local computers' access and use (col. 2, lines 14-20, lines 28- 
33, lines 46-51 & lines 62-64). Therefore, it would have been obvious to one having ordinary 
skill in the art at the time the invention was made to modify Kelley to use a centralized 
authentication service to provide authentication for the local machines also, wherein when the 
entered authenticator matches the authenticator in the authenticator broker file, access to the 
local machine is authorized. One of ordinary skill in the art would have been motivated to 
perform such a modification to provide the benefit of easier control over the local computers' 
access and use, as taught by Raduchel (col. 2, lines 14-20, lines 28-33, lines 46-51 & lines 62- 
64). Further, Sitaraman teaches that continuously requesting access to a central server is a 
burden for authenticating users (col. 2, lines 7-13) and that one solution is to include a local 
cache having at least one user record which is updated in response to network access events (col. 
2, lines 38-48) that originate at the central authentication server (col. 4, lines 25-37 & col. 7, 
lines 14-36). Therefore, it would have been obvious to one having ordinary skill in the art at the 
time the invention was made to modify Kelley, as modified above, to include a local computer 
system authenticator file storing the secret authenticators corresponding to personal identifiers. 
One of ordinary skill in the art would have been motivated to perform such a modification to
reduce burden on the authentication server, as taught by Sitaraman (col. 2, lines 7-13, lines 38- 
48, col. 4, lines 25-37 & col. 7, lines 14-36). 

8. Claims 6-7 are rejected under 35 U.S.C. 103(a) as being unpatentable over Kelley, in 
view of Raduchel & Sitaraman, in view of U.S. Patent 6,321,338 to Porras et al. (Porras). 

Regarding claim 6, Kelley lacks the authenticator broker system being responsive to any 
intrusion into the local computer system. However, Porras teaches of a system that uses 
monitors to collect activity and report activity (col. 3, lines 42-44 & col. 4, lines 48-49) to a 
resolver (col. 8, lines 14-60) that responds accordingly to detect and respond to intrusions to 
protect against harmful attacks (col. 1, lines 20-54). Therefore, it would have been obvious to 
one having ordinary skill in the art at the time the invention was made to modify Kelley to be 
responsive to any intrusion into the local system. One of ordinary skill in the art would have 
been motivated to perform such a modification to protect the local computer system against 
harmful attacks, as taught by Porras (col. 1, lines 20-54, col. 3, lines 42-44, col. 4, lines 48-49 & 
col. 8, lines 14-60). 

Regarding claim 7, Kelley, as modified above, lacks the host being a mainframe 
computer. However, the examiner takes Official Notice that mainframes are old and well 
established in the art of computer as a way of managing large data storage and processing jobs. 
Therefore, it would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Kelley to use a mainframe computer to perform the functions of 
the authentication broker and intrusion detection system. One of ordinary skill in the art would 
have been motivated to perform such a modification to manage large data storage and processing
jobs. This advantage is well known to those skilled in the art. 

Allowable Subject Matter 

9. Claims 3-5, 8 & 12, as best understood, are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 

10. The following is a statement of reasons for the indication of allowable subject matter: 
Regarding claim 3, the prior art relied upon fails to teach or suggest a replacement
identifier being randomly assigned by the mapping file/alias file for the identifier entered by the
prospective user and intercepted by said authentication broker system. Claims 4-5 are objected
to because of their dependency on claim 3.

Regarding claim 8, the prior art relied upon fails to teach or suggest a mapping file 
communicating with the authenticator broker system to assign a replacement identifier stored in 
said mapping file for the identifier entered by the prospective user at the local computer system 
and intercepted by said authenticator broker system, said authenticator broker system, said 
mapping file and said decoy authenticator file being located at said mainframe host computer. 

Regarding claim 12, the prior art relied upon fails to teach or suggest the user accessing a 
plurality of local computer systems, each local system being identified in an identifier mapped to 
each decoy password and authenticator, and wherein the identification of a compromised system 
is determined by the local system identifier. 
Conclusion



11. Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Michael J. Simitoski whose telephone number is (571) 272-3841.
The examiner can normally be reached on Monday - Thursday, 6:45 a.m. - 4:15 p.m. The
examiner can also be reached on alternate Fridays from 6:45 a.m. - 3:15 p.m.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Gregory Morse can be reached at (571) 272-3838.

Any response to this action should be mailed to: 

Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 
Or faxed to: 

(571) 273-8300

(for formal communications intended for entry) 

Or: 

(571) 273-3841 (Examiner's fax, for informal or draft communications, please 
label "PROPOSED" or "DRAFT") 

Any inquiry of a general nature or relating to the status of this application or proceeding should 
be directed to the receptionist whose telephone number is (571) 272-2100. 

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished
applications is available through Private PAIR only. For more information about the PAIR
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).




MJS 

September 1, 2005